Blockchain

Device Authority Secures Enterprise Blockchain Infrastructures

An enterprise private blockchain consists of a permissioned network in which consensus is implemented through a process called selective endorsement, where known users/peers verify the transactions. The advantage of this for businesses is that only participants with the appropriate access and permissions can update the ledger. This calls for traditional enterprise IAM (Identity and Access Management) features extended to participating nodes. Identity management is implemented with PKI digital certificates. Each participating organization or service provider is responsible for implementing the right IAM and CA functionality. The infrastructure that runs the blockchain application also needs standard IT security controls to prevent unauthorized access.

Device Authority KeyScaler provides the following functionality:

IAM for Blockchain nodes

Protecting private keys and crypto keys

Preventing unauthorized access

Delivering end-to-end data security/privacy

Delegated transaction signing

Private Key Protection on Physical or Virtual Nodes

Blockchain is considered a breakthrough solution for addressing many use cases. It relies heavily on Public Key Infrastructure (PKI), but it doesn’t have a defined security model to secure the participating nodes and PKI keys.

An enterprise private blockchain consists of a permissioned blockchain network in which consensus can be achieved through a process called “selective endorsement,” where known entities verify the transactions. The advantage for businesses is that only participants with access and permissions can maintain the transaction ledger. This calls for enterprise IAM features extended to participating nodes.

Prevent Unauthorized Access to Critical Infrastructure

For use cases that rely on a private blockchain and vendor-managed infrastructure, three things are important: identity management that controls who is authorized to access resources on the network, data confidentiality, and access controls.

Scalability

Some of the unique characteristics of blockchain technology, such as decentralization, replicated data stores, and consensus or permissioned mechanisms, introduce scalability challenges. While PKI is a proven technology for identity and data security, implementing and managing it at scale for blockchain isn’t easy.

HSM Myth – Perfect Data Protection

HSMs are popular for secure key generation and storage. While private keys are protected in HSMs, it is still possible for attackers to compromise credentials used by nodes, and admin servers that connect directly to the HSM.

Secure Soft Storage: To prevent theft of secrets and unauthorized usage, the secure software enclave stores the private key or other secrets in an encrypted state. Decryption is available only to authorized applications defined in the credential provisioning policy on the KeyScaler server.